User authentication is a key component of modern computerized devices such as computers, laptops, tablets, smart phones, personal digital assistants (PDAs), and the like. Conventionally, passwords have been used for user authentication. However, hacking techniques are becoming more sophisticated and passwords can be cracked.
Alternative forms of authentication include soft biometrics such as face recognition. But current face recognition technologies are vulnerable to replay attacks and are easily confused or otherwise bypassed by clever users. For example, hackers today can use a photograph of the authorized user to fool the face recognition algorithms. By way of another example, a highly motivated adversary might use a computer simulated 3D face rendered on a display facing the camera such that the adversary can control the 3D face and the response, thereby illegitimately gaining access to the device.
Accordingly, a need remains for improved biometric based authentication procedures. It would be desirable to provide password-less and biometric theft resistant user authentication. Such authentication procedures should be capable of discerning the difference between three dimensional contours of a human face and a flat surface, and should include Turing test based user authentication protocols and user presence verification elements, thereby significantly reducing the attack space.